From e711c505c4830ab271938d61af90a2075523f058 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 6 Feb 2021 20:43:06 +0100
Subject: [PATCH] cgi_send_banner(): Overrule invalid image types

Prevents a crash with a crafted CGI request if
Privoxy is toggled off.

OVE-20210206-0001.

Reported by: Joshua Rogers (Opera)
---
 cgisimple.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cgisimple.c b/cgisimple.c
index fd47c6d0..866ac263 100644
--- a/cgisimple.c
+++ b/cgisimple.c
@@ -542,6 +542,14 @@ jb_err cgi_send_banner(struct client_state *csp,
 {
    char imagetype = lookup(parameters, "type")[0];
 
+   if (imagetype != 'a' && imagetype != 'b' &&
+       imagetype != 'p' && imagetype != 't')
+   {
+      log_error(LOG_LEVEL_ERROR, "Overruling invalid image type '%c'.",
+         imagetype);
+      imagetype = 'p';
+   }
+
    /*
     * If type is auto, then determine the right thing
     * to do from the set-image-blocker action
-- 
2.39.2